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ABSTRACT 



A communications link between a computer and a re- 
mote user is effected by a portable access unit which 
generates a nonrecurring access code which is a func- 
tion of a password and a pscudorandomly generated 
number. The access code is transmitted and compared 
with an access code generated by a computer access 
controller. In addition to the access code, the pscudo- 
randomly generated number provides an encryption 
key which is not transmitted but corresponds to a mat- 
ing encryption key generated at the controller. The 
mating encryption keys are utilized to set up data trans- 
mission enciphering/deciphering networks successive 
links are established by incremented pscudorandomly 
generated access codes. 

20 Claims, 3 Drawhig Figures 
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resulted in obtaining not only the data transmitted but 

COMPUTER ACCESSING SYST^I the user's password for subsequent access. 

BACKGROUND OF THE INVENTION SUMMARY OF THE INVENTION 

1 c»«-,«^, «f »K* f«*/A«t4riti ' A. remote computer is accessed by a nonrecumng 

1tS^<^^^^^^^^ access code genen^ted as a au^ctjono^ 

nicaS^n links between a Lmpatir and a remote termi- number and a user password The ^^^^^^^^ 

nal and more particularly to a system for accessing a mittcd over telephone Unes through the use of a digital 

computer and keying an encryption network for data signal to audio tone modem and decoded at the com- 

transmission through pseudbrabdom number genera- putcr locatioiL An access oontroUcr receives the de- 

jion coded access code and compares it to an expected ac- 

Society's multifaceted dependency upon computer cess code which has been congruently generated. Upon 
systems has increased the possible effects of unautho- recognition of an equality between the controller gener- 
rized computer access to untold levels. Computer net- ated access code and the transmitted access code, the 
working, such as time ^mring systems, has led to inher- controller grants access to the computer. The generated 
ent security problems* since programs executed by such pseudorandom number can be divided into two seg- 
systems shared access and cooperated with each other. ments. one of which is used to furnish the access code 
The capabilities of recent computer systems included ^ g^er an encryption key utilized for subsequent 
not only the utilization of ronote terminals but exten- transmission between the user and the computer or, 
sive resource sharing and batch processing of different in the alternative, two pseudorandom numbers are gen- 
projects. The use of such systems has necessarily to- erated. one of which is utilized for access code genera- 
creased the likelihood of dehT)eratc or evaa accidental tion and the other for the encryption key. 
acquisition and/or alteration of dat^ ^ compendium it wiU be appreciated 

Computer systems have been subject ta a vancty « that it is an object of the present invention to provide a 

security risks ranging from misappropnatton of confS- z» accessing system of the general character de- 

dcntial data through unauthonied ^,^>^ <^«P»^« scribed for^t^Wishing a communications link between 

S^^^c^^^tHSiir^ attached to^ such a remote accessing system of the general cha-acter 

Ei^ the consequences of unauthorized access and- described for estabhshmg a commumcations Imk be- 

Tor appropriSrSiereof. For example, the dato pro- tween a computer and a user em^oymg an accessing 

cessed in computer systems utilized for financial trans- password which » not transmitted over communica- 

actions has a substantial value due to the monetary 3d tions lines. 

losses which could be sustained as a result of system A further object of the present invention is to provide 

penetration. a remote accessing system of the general chti:acter 

A user has been traditionally identified by at least one described for establishing a communications link be- 

of the following: tween a computer and a user which utilizes i^eudoran- 

(a) through something he knew or had memorized* 40 <jom number generation to provkJe nonrecurring access 
e.g. a password; codes. 

(b) through somethhig he carried wih him, e.g. a card Another object of the present invention is to provide 
or badge; or a remote accessing system of the general character 

(c) through a personal physical characteristic e.g. described for establishing communication links between 
recognitiott by a guard. . a computer and a user which employs data encryption 

Passwords have been widely employed to authenti- ^jtablishcd in conjunction with a nonrecurring encryp- 
cate a remote terminal user. The use of passwords has 

been augmented by secondary security measures in Afurtherobjectof the present invention is to provide 

many instances. For example, a typical consumer bulk- ^ remote accessing system of the general character 

ing terminal accesses its computer by using a combina- 30 jjggcribed for estabtishing communications links be- 

tion of a magneticaUy encoded, card and the user's mem- ^ computer and a user which utilizes pseudoran- 

orized password commonly referred to as a personal number generation for the purpose of both acccss- 

kientification number. , ^ ^ ' ^- ^ ing the computer and providing a dato encryption key. 

While such systems might have been satisfactory of the present invention is to provide 

from a xx)st/loss risk st^ subject to 55 ^ ^ ^^^^ 

penetration with or without acc«« to the mdividua^ foTSlisLg communLtions links be- 

user's card. Various p^^ STccSputeTand aLr wherein interception of 

?t?^:^2iroTSSii";:b'^^ user.<.mpute?<.m^ 

mUseT^rdsM ComrvuJAcccss to Computer 60 ^^J^' f^'^'^^^^^^^n^^^ 

Resourced NBS Spedal. PubUcation 500-9 dated May CHher objecto of the m^^tion m^ be obvious 

1977 ^ P*"^ ^ ^ pomted out hercmaftcr. 

in' addition to penetration of the users password. With these ends in view the invention finds embodi- 

passwords themselves were meffective, for example. ment in certain combinatKms of dements, arrangements 

against the penettation threat of bctwecn-lines entry 65 of parts and series of steps by which the objects afore- 

and piggy-back infiltration. Unauthorized interception mentioned and certain other <*jecU are hcremafter 

of communication Ihiks between the computer and a attained, all as fully described with reference to the 

remote user has been a f^irthcr security problem and accompanying drawings and the scope of which is more 
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particularly pointed out and indicated in the appended Data Set. The tone encoded data is transmitted to the 

claims. computer 12 via the cotmnunications link 14. 

BRIEF DESrRIPTTON OF THF nUAWTNOS Pursuant to the invention, the microprocessor 18 is 

BRIEF DESCRIPTION OF THE DRAWINGS actuated to generate a chain of nonrecurring numbers 

In the accompanying drawings in which is shown one 5 from a group of seed numbers originally implanted. A 

of the various possible exemplary embodiments of the typical processor sub-routine for repeatable pseudoran- 

invention, dora number generation is disclosed in U.S. Pat No. 

FIG. 1 b a schematized block diagram of a remote 3.792,446 issued Feb. 12. 1974 to McFiggins ct al and 

accessing system constructed in accordance with and assigned to the assignee of the present invention. It 

embodying the invention and illustrating an access unit 10 should be understood that such pseudorandom number 

at a remote terminal establishing a communications link generation sub-routine is exemplary of manifold ran- 

to a main computer; <Jom number generation algorithms which may be em- 

FIG. 2 is a flow diagram illustrating an access con- ployed, 

troller routine for establishing access to the computer; User password integrity is maintained in accordance 

and *5 with the present invention by not directly transmitting 

FIG. 3 is a flow diagram illustrating a continuation of ^^e password over the communications link 14. Further, 

the controller routine originating in FIG. 2. pursuant to the instant invention, possession of the pass- 
word without the access unit will not permit access to 

DESCRIPTION OF THE PREFERRED the computer, nor wUl possession of the access unit 

EMBODIMENT 20 without the user's assigned password. 

Referring now in detaU to the drawings, and specifi- Generation of an^acceptable access code signal by the 

cally to FIG. 1 wherein a block diagram iUustrating a f^ess^^mt 16 entails the generation of a predicted pseu- 

typical communications chamiel Unking a remote user dorandom number by the microprocessor 18 and modi- 

with a computer is shown, the reference numeral 10 , iMeudorandom number as a function of 

denotes generally a remote terminal from which a user " f^^^'^* ^^if ^'""'^ ^ *^ keyboard (mput- 

communicates with a computer 12. In accordance with ^^^^P*^.^ device 22). For example, the access code may 

the present invention, a coLiunications link 14 is estab- ^."\P?^ pseudorandomly generated numbers mult,- 

lish^ through the use of conventional data transmission ^^'^^^ ^ "^"^ ^"^lu fi? 

. .... r t . I L I- number. The access code thus generated ts fed to the 

faculties such as, for example, a telephone line or — j _ » i-i. * * e 

«^ r * , 30 modem 26 along with a constant access unit preface 

The present mvention prevents unauthorized acc^ ^^^^^ tran^ion via the coimnunications link 14 

to the computer 12 through the use of a user assigned computer 12. Interception of the access code 

password which functions ^y m conjunction witli a transmission will not reveal the user's password but 
user assigned access unit 16. The access umt 16 is prefer- 

ably lightweight and handK^amed and typical m- 35 fo, j^c intercepted communication. As wUl be later 
eludes a microprocessor 18 such as MOS Technology described, such access code is not valid for subsequent 
6502 programmed to generate a senes of pseudorandom communication links and cannot form the basis for de- 
numbers in a reproducible fashion from an initial group- living subsequent valid codes, 

ing of seed numbers. jjj^ t^^g encoded transmissions through the commu- 
The access unit 16 further includes a data encoder 20 40 ^ications link 14 are received at a companion modem 28 
for the purpose of encrypting date for transmission over conversion to digital waveforms. Access to the main 
the link 14 to render mtercepted date commumcations computer 12 is controlled by a oontroUer unit 30 which 
unintelligible. The encoder 20 may comprise data en- monitors the communications link 14. The controUer 
cryption hardware compatible with the Data Encryptin ^ay comprise a minicomputer such as the Data General 
Standard algorithm promulgated by the National Bu- 45 NOVA series or even a microprocessor such as the 
reau of Standards. Among the devices presently avail- microprocessor used in conjunction with random num- 
able for data encryption utilizing the Data Encryption ^er generation at the access unit. 
Standard algorithm are the RockweU-CoIlins CR-100 it should be appreciated that the controller 30 is pro- 
Network Encryptor. the Hansco Data Processing-Fed- grammed with a congruent random number generation 
eral 007 and the Motorola "InfoGuard" system. Use of 30 algorithm and initial seed numbers compatible with 
the Data Encryption Standard algorithm is by way of those assigned to all authorized access units. Further, 
example only, and any other encryption algorithms and the controller 30 may be set up such that the initial 
encryptors such as the Datotek DH-26 security device access code generated by each authorized access unit 
can be employed. and its associated assigned password is stored in a self- 

In addition to the microprocessor 16 and the encoder 55 contained memory for ready reference. 
20, the access unit also includes an input/ou^ut device Referring now to the flow diagram of FIGS. 2 and 3 
22, typically comprising a keyboard and a transient where the accessing sub-routine of the controller unit 
display for indicating keyboard entries which, as will be 30 is depicted, it will be appreciated that after answer- 
described herein, COTiprise the user assigned password, ing an incoming telephone signal, the controller re- 
Preferably. an authorized user carries his access unit «) ccives. through the modem 28. the unit preface number 
16 to the remote terminal 10 and interconnects the ac- followed by the transmitted access code as shown at an 
cess unit with remote terminal computer peripherals input block 32. 

such as an input/outnijt de vice 2 4 which may comprise As shown in a decision block 34, inquiry is made for 
a keyboard and/or CRT or TTY. Communication from verification of the incoming access unit preface number 
the input/output device 24 to the computer 12 is first 65 with access unit preface numbers stored in the control- 
encrypted by the encoder 20 and then encoded into ler memory to determine whether the attempt to gain 
audiotones at a tone encoder/decoder modem 26 which computer access is being made through the use of a 
may comprise, by way of example, a Bell System 103 A validly assigned access unit 16 which has not been re- 
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ported to be in the possession of anyone other than its The program thereafter exits the block 52 and advises 
authorized user. If the access unit preface number is not the computer 12 of the access umt preface number as 
valid or if the preface number has been generated by a shown in ablock 54. and connects a data path from the 
unit reported as stolen or missing, the program exits the remote terminal 10 to the computer 12 through the 
decision block 34 on a branch 36 and the conuoller 30 3 encoder 50 and a computer access switch 56 
logs the security violation and terminates the telephone At the termmation of the communication between the 
iS^ 14 input/output device 24 at the terminal 10 and the com- 

Upon acknowledgment of an incoming signal from a puter 12, the controller logs the communication with 
validaccess unit, the program exits the decision block reference to the access unit preface number, the time 
34 on a branch 38 and the controller retrieves the ex- 10 and the data and thereafter disconnects the communica- 
pected access code to be received from such access unit tions link 14. . , ^ ^ . « »n 

from a memory and compares the expected access code It should be appreciated that the controller 30 niay 
with the code received over the communications link as readUy be adapted to simultaneously control a plurality 
depicted in a further decision block 40. of communication links 14 eaUblished by various accea 

In Older to prevent access code discrepancies due to »5 units. Further, in lieu of generating the access code and 
signal interference from terminating a valid access at- encryption key in advance, the controller may generate 
tempt, the controller 30 will permit a vaUd access unit these numbers during accessing procedure. Similarly, 
to transmit its access code a predetermined number of the access unit microprocessor 18 may generate lU 
times. If the transmitted access code does not match the ^ pseudorandom number upon each actuation or generate 
access code assigned to that unit number and stored in ^ the numbers once and store them in a memory for recaU 
the controUer memory, the program exits on a branch when an access code is to be generated. 
42. the access code attempt is logged and the controller The access unit 16, upon actuation, will g«^«ate its 
determines how many attempts have been made to next sequential pseudorandom nimiber modified by 
transmit the access code as shown in a decision block „ whatever password is attempted. If the user is not au- 
44 If there have been less than the allotted number of ^ thorized, he will not know that the access code gener- 
attempts, a message is returned to indicate that the ated will not grant access unless an attempt is made to 
transmitted access code has been rejected and is to be gain access. Such attempts are logged by the conuoller 
retransmitted and the program reverts to the input 30. and security personnel will be alerted upon the oc- 
block 32. After the allotted number of attempts has been 3^ currenoe of any unusual pattern of access attempte by 
reached, the program exits the decision block 44 on a any given access unit as identified by its preface num- 
branch 46 to break the communications Imk 14. ber. . ^ . ^ 

Upon receiving a transmitted access code which co- Thus, it will be seen that there is provided a computer 
incid« with the stored access code anticipated, the accessing system which achieves the various objects of 
program exits the decision block 40 on a branch 48 and 35 the invention and is well suited to meet the conditions of 
the controUer 30 thereafter sends a message to the ac- practical usage. ^ ^ ^ . . • t • ^ 

cess unit microprocessor 18 indicating acceptance of Having thus described the mvennon. there is claimed 
the access code such that the microprocessor will gen- as new and desired to be secured by Letters Patent: 
erate the next sequential pseudorandom number upon 1. A system for accessing a computer by a user having 
subsequent actuation rather than repeat its last pseudo- 40 an assigned password to establish a communications 
random number ^ data transmission between a computer terminal 

The controUer 30 then searches its nonvolatile mem- and a computer, the system comprising access m«ms at 
ory and retrieves a stored encryption key for the as- the terminal for sequentially generatmg a pseudoran- 
simcd access unit 16. The encryption key can comprise dom number of a first sequence of pseudorandom num- 
either a segment of a single random number generation 45 bers, means receiving said pseudorandom number and 
or a separate random number as generated by both the said user assigned password and in response Uicreto 
access unit microprocessor 18 and the controUer 30. modifying the pseudorandom number as a predeter- 
The encryption key retrieved by the controUer 30 is mined function of the password to provide an access 
used to key an encoder/decoder 50 associated with the code signal unique to itself, means transmitting the ac- 
controUcr. It should be appreciated that the encryption 50 cess code signal and identification signal from the tcrmi- 
key is not transmitted over the communicationa link 14 nal, controUer means at said computer, the controUer 
and is indcpendenUy generated at both the access unit means receiving the transmitted access code signal and 
16 and the controUer 30 on opposite ends of the link 14. identification signal, the controller meaiis including 
Thus, anyone intercepting and recording the data trans- means responsive to the identification signal for scquen- 
mission over the link 14 will not obtain the encryption 55 tiaUy generating a pseudorandom number of a second 
key used to set up the enciphering/deciphering net- sequence of pseudorandom numbers congruent with the 
^^j^ numbers of the first sequence and generating a signal 

As shown in a block 52 of FIG. 3, the controUer 30 corresponding to said user assigned password, and 
thereafter generates the next expected access code for means for modifying said pseudorandom number of the 
the access unit 16 through the pseudorandom number eo second sequence with said last mentioned signal to pro- 
generation algorithm with seed numbers which have vide a congruent access code signal and m response to 
been generated, e.g. as described in U.S. Pat No. the equality of the congruent access code signal and 
3.792.446. and modifies the pseudorandom number by transmitted access code signal providing ar. sc^ss sig- 
the password. AdditionaUy generated is the successive nal, and means receiving the access signal and m re- 
encryption key which may comprise a segment of the 65 sponse thereto establishing a data transmission path 
random number. The controUer 30 thereafter replaces between the terminal and the computer, said first and 
the previous access code and encryption keys for the second sequences being the same, whereby computer 
access unit 16 in its nonvolatUe memory. access is secured through a sequential change of access 
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codes in a pseudorandom fashion without direct trans- 
mission of said user's password. 

2. A system for accessing a computer to establish a 
communications link for data transmission constructed 
in accordance with claim 1 wherein the computer ter- 
minal is positioned remote from the computer. 

3. A system for accessing a computer to establish a 
communications link for data transmission from a re- 
mote terminal as constructed in accordance with claim 
2 wherein the means transmitting the access code com- 
prises a telephone communications link. 

4. A system for accessing a computer to establish a 
communications link for data transmission constructed 
in accordance with claim 1 wherein the means generat- 
ing the pseudorandom number comprises a portable 
unit. 

5. A system for accessing a computer to establish a 
communications link for data transmission constructed 
in accordance with claim 1 wherein a plurahty of said 
access means are provided for use with at least one said 
terminal, said plurality of access means having different 
pseudorandom number sequences and different identifi- 
cation signals, the controller means further including a 
plurality of means generating pseudorandom number 
sequences according to said plurality of access means, in 
a reproducible fashion. 

6. A system for accessing a computer to establish 
communication links for data transmission constructed 
in accordance with claim 1 wherein the means generat- 
ing the first pseudorandom number sequence comprises 
an access unit, the access unit further including first 
encryption means adapted to establish an cnciphering- 
/deciphering network in response to an racryption key 
signal produced therein, the controller means including 
second encryption means adapted to encipher and deci- 
pher signals in accordance with said key as produced in 
said controller, the pair of encryption means being 
adapted to encrypt data transmission between the termi- 
nal and the computer. 

7. A system for securing a communications link for 
data transmission constructed in accordance with claim 
6 wherein the access unit includes means adapted to 
separate the pseudorandom number of the first sequence 
into segments, one of the segments comprising an en- 
cryption key signal, the controller means including 
means to separate the pseudorandom number of the 
second sequence into segments, a congruent segment 
comprising the encryption key for the second cncryp- 
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pseudorandom fashion without direct transmission of 
the encryption keys. 

9. A method of accessing a computer at one location 
by a user positioned at a second location and having an 
assigned password, the method comprising the steps of 

(a) sequentially generating a nonrecurring pseudoran- 
dom number of a first sequence at the second loca- 
tion» 

(b) modifying the pseudorandom number as a func- 
tion of the user assigned password to provide an 
access code, 

(c) transmitting the access code and an identifying 
signal unique to the second location from the sec- 
ond location to the first location^ 

(d) receiving the transmitted access code and identi- 
fying signal at the first location, 

(e) in response to the identifying signal, sequentially 
generating a pseudorandom number of a second 
sequence congruent with said first sequence, at the 
first location, and also generating, in response to 
the identifying signal, a signal corresponding to the 
user assigned password, 

(0 modifying the pseudomandom number of the sec- 
ond sequence with said last mentioned signal corre- 
sponding to the user assigned password to provide 
a congruent access code, 

(g) comparing the received access code with the 
congruent access code, and 

(h) granting access to the computer upon recognition 
of an equality between the received access code 
and the congruent access code, 

whereby computer access is secured through a 
change of access codes in a pseudorandom fash- 
ion without direct transmission of the user's pass- 
word. 

10. A method of accessing a computer as set forth in 



claim 8 wherein the next sequential congruent access 
code is generated prior to receipt of the next transmitted 
access code; the method further including the steps of 
40 storing the next congruent access code and recalling 
said next congruent access code upon receipt of the next 
transmitted access code. 

11. A method of accessing a computer as set forth in 
claim 9 wherein the pseudorandom number of the first 
45 sequence generated at the second location comprises 
two segments, one of which is used to generate the 
access code, the method further including the step of 
keying an encryptor at the second location with a fur- 
ther segment of the pseudorandom number, the pseudo- 



Iw^^T!:.^'^!!?.^^^^ ^"""^ ^ random number ofthe second sequence comprising two 

r ^ - . ..^ I. - segments, one of which is used to generate the congru- 

ent access code, the method further including the step 
of keying a congruent encryptor at the first location 
with a further segment of the congruent pseudorandom 
55 number, whereby data transmission is secured through 
sequential change of encryption keys in a pseudoran- 
dom fashion without transmission of the encryption key 
from one location to the other. 

12. The method of claim 9 in which the second loca- 



through a sequential change of encryption keys in a 
pseudorandom fashion without direct transmission of 
the encryption keys. 

8. A system for securing a communications link for 
data transmission constructed in accordance with claim 
6 wherein the means adapted to generate the pseudoran- 
dom number of the first sequence is adapted to generate 
a pair of psuedorandom numbers, one of which is modi- 
fied by the password and the other of which comprises 



the encryption key signal, the means for sequentially 60 tion comprises a terminal and a portable access unit, said 

generating pseudorandom numbers of the second se- terminal being coupled to said computer at said first 

quence being adapted to generate a pair of second pseu- location, said method further comprising inserting said 

dorandom numbers one of which is modified by the access unit in ihe coupling between said terminal and 

signal corresponding to the user assigned password to computer at said second location, before said step of 

provide the congruent access code signal and the other 65 sequentially generating a nonrecurring pseudorandom 

of which comprises the encryption key signal for the number at said second location, whereby daU passing 

controller, whereby data transmission is secured through said coupling must pass through said access 

through a sequential change of encryption keys in a unit, said steps of sequentially generating a nonrecur- 
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ring pseudorandom number at said second location, 15. The system of claim 14, wherein said terminal 

modifying said pseudorandom number aa a function of comprises a I/O unit for providing data signals, and said 

the user assigned password in said second location, and access unit is connected to said I/O unit 

transmitting said access code and identifying signal M- The system of claim IS, wherein said access unit 

from said second location are effected in said access 5 includes keyboard means for entering said password, 

i^j^ 17. The system of claim 15, wherein said access unit 

13. The method of claim U wherein said access unit further comprises means for generating a constant ac- 
further comprises encryption means, said method fiir- "B"*" individual to said access umt, and 
ther comprising the step of encrypting all messages tomsmitting said constant signal prior to said access 
from said termimd in said encrypting means. 10 code as said identifymg signal. 

14. A system for accessing a i^mputer by a user hav- M. ITie system of claimlS, wherein s«d access unrt 
ing an as^gned password to estobliri. a communication ~?»P™« means for encrn,Ung daU from said I/O unit 

,- • f jI * • u* pnor to application to said data transmission path. 

link for data transmission between a computer tcnmna! P PP comprising a computer coupled to a 

and a computer vw a data transmission paU^^^ of terminals, the improvement comprising a 

compnsmgaportab leaccessumtcomiectedasa^^^ ^ y ,^ ^^^p^^ ^ 

era! to said terminal md compnsmg: terminals between the respective 

(a) means sequentially generatmg nonrccur^^^ pseu- ^^^^^ computer, each said access unit com- 
dorandom nwnbers in a reproducible fashion, and ^ pseudorandom number generator for sequen- 

(b) means modifying said pseudorandom numbers as a generating a separate pseudorandom sequence, a 
predetermmed function of said password to pro- ^^^^ identifying signal unique to the respective 
vide a first access code, and means applying said receiving a passwoni from a user, means 
access code and a unique identifying signal to said modifying the pseudorandom numbers of the respective 
data transmission path prior to data from said com- sequence by said passwords, means transmitting to the 
putcr terminal; said system further compnsmg, at ^5 computer the identifying signal and the access code, 
said computer; and means passing data between the terminal and com- 

(c) means for sequentially generating pseudorandom p^^g^ ^ system further comprising a controller at 
numbers congruent with those generated by said ^^id computer, said controller comprising means for 
access unit in response to the reception of said receiving the identifying signals from the access unit, 
identifying signal, 30 and, in response thereto, sequentially generating a pscu- 

(d) means responsive to said identifying signal for dorandom number congruent with the sequence of the 
generating a signal corresponding to said user as- given access unit and also generating a signal oorrc- 
signed password and for modifying said congruent spending to the password of the respective access unit, 
pseudorandom numbers with said last mentioned to provide an access code signal generated therein, 
signal to provide a second access code, 35 means for modifying the pseudorandom number gener- 

(e) means for receiving said first access code and ated in said controller by said access code signal gener- 
comparing it with said second access code and in ated therein to produce a congruent access code, and 
response to the equality thereof providing an ac- means responsive to equality of the congruent access 
cess signal, code and first mentioned access code for enabling ac- 

(0 means receiving the access signal and in response 40 cess of the respective terminal to said computer, 
thereto establishing a data transmission path be- 20. The system of claim 19 wherein said access unit 
twcen the terminal and the computer, whereby comprises encrypting means for encrypting data from 
computer access is secured through a sequential the respective terminal for transmission to said corn- 
change of access codes in a pseudorandom fashion puter. 

without direct transmission of the user's password. 45 » • « » • 
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